Cloud Computing: Concerns and challenges
for its adoption in SMEs and large
companies in Japan
Christian Arturo Meza Alvarez
A Thesis Submitted to Ritsumeikan Asia-Pacific University for the
Degree of Master in Business Administration
Graduate School of Management
Ritsumeikan Asia-Pacific University
Statement of Authenticity
I Christian Arturo Meza Alvarez
Hereby declare that this submission is my own work and that, to the best of my knowledge and belief, it contains no material previously published or written by another person nor material which to a substantial extent has been accepted for the award of any other degree or diploma at Ritsumeikan Asia-Pacific University or any other educational institution, except where due acknowledgment is made in the thesis.
I agree that the thesis be accessible for the purpose of study and research in accordance with the standard conditions established by the University Librarian for the care, loan and reproduction of the thesis.*
Signature
Date
Page | i
Abstract
Cloud Computing paradigm spurt recently with its “pay-as-you-go” IT business model as its flagship. Its presence is becoming evident everywhere in the media and in the real world businesses that have already adopted it. This work intends to gain an insight and see what is happening in the case of Japanese market towards adoption of cloud computing nascent technology. A certain level of awareness is already present among Japanese companies. Security portrays itself as the barrier for firms looking to incorporate cloud services. Early adopters identify some elements worth mentioning for this technology to become more attractive and as part of its constant evolution.
An online questionnaire was launched aiming at Japanese companies listed in the JASDAQ document as of November 2010. The results obtained are in correspondence to those watched in similar studies performed for other markets (i.e. USA, Europe). Security concerns are still the main obstacles for adopting cloud computing technology, although some companies recognized their lack of savvy in this field. For early adopters the panorama looks more promising, with results showing that some companies have entrusted part of their business critical systems (BCS) to be deployed into the cloud. Also, firms are using mainly solutions in the application layer of the cloud called software-as-a-service (SaaS). The future of cloud computing technology looks bright for the Japanese market.
Page | ii
List of Figures
Fig. 1. Adoption (%) in USA households for some innovations. ...2
Fig. 2. Cloud computing layers ... 14
Fig. 3. Traffic curve (Gamestop.com) ... 17
Fig. 4. Traffic curve (Amazon.com) ... 18
Fig. 5. Hype cycle. ... 23
Fig. 6. Hype Cycle's traps. ... 24
Fig. 7. Google Trends about Cloud Computing (global). ... 25
Fig. 8. Hype Cycle's opportunities. ... 26
Fig. 9. Hype cycle showing current state for Cloud Computing technology. ... 27
Fig. 10. Google Trends about Cloud Computing (Japan). ... 32
Fig. 11. Cloud adoption rate as part of corporate IT. ... 38
Fig. 12. Is cloud computing the next IT model? ... 38
Fig. 13. BCS migration rate into the Cloud. ... 39
Fig. 14. Utilization rate of Cloud layers. ... 40
Page | iii
Table of Contents
Abstract ... i
List of Figures ... ii
Table of Contents ... iii
Chapter 1. Introduction ...1
1.1. Technology Adoption ...1
1.1.1. Invention, diffusion and adoption ...1
1.1.2. Modeling diffusion ...2
1.1.3. Demand factors ...4
1.2. Advent of Cloud Computing ...4
1.3. Objectives ...5
1.4. Research Questions ...6
1.5. Methodology ...6
1.5.1. Online Questionnaire Application Tool ...7
Chapter 2. Literature Review ... 10
2.1. What is Cloud Computing? ... 10
2.1.1. IT evolution for cloud computing ... 11
2.1.2. Cloud layers ... 14
2.1.3. Where to adopt the Cloud ... 17
2.1.4. Where NOT to adopt the Cloud ... 19
2.2. Hype Cycle ... 21
2.2.1. The Cloud in the Hype Cycle ... 25
2.3 Security and Vulnerability ... 28
Page | iv
Chapter 3. Results and Discussion ... 37
Chapter 4. Conclusions and Policy implications ... 42
4.1. Policy implications ... 42 4.1.1. Privacy ... 42 4.1.2. Security ... 43 4.1.3. Standardization ... 44 4.1.4. Jurisdiction ... 44 4.2. Conclusions ... 45 Bibliography ... 47 Appendix ... 49
Page | 1
Chapter 1. Introduction
1.1. Technology Adoption
The impact of a new technology on economic growth can be seen only when it is extensively used and diffused in a society. Talking about diffusion, it is the result of a chain of decisions to start making use of the new technology; such decisions come usually from a comparison of its ambiguous benefits and the corresponding costs of adoption. For economists, analyzing the elements of growth, as well as for technology developers, it is essential to get a grasp of the factors behind the choice whether to adopt it or not.
1.1.1. Invention, diffusion and adoption
Invention of a new technology appears commonly to happen in a single installment, while its equivalent diffusion behaves in a relatively slow and continuous process. And rather than invention or innovation, diffusion is the determinant aspect of how productivity changes and economic growth happens. In order to understand how technological change develops and why in occasions it seems to be slow, we must understand how the diffusion process occurs.
Diffusion can be perceived as the cumulative incremental benefits of technology adoption against the costs implied usually within uncertainty levels and limited information. Costs and benefits can be affected by the technology vendors‟ decisions (1).
The most import thing is not about whether to adopt the new technology or not, it is rather related to when the decision should be taken, at an early stage or later on. The reason behind this is about the relationship between the streams of benefits obtained through the entire life of the adopted innovation and the unrecoverable costs commonly incurred at the moment of adoption. Additionally, there may be extra fees (frequently less than initial cost) for using certain types of new technology.
Page | 2
On one hand, adoption is regularly an absorbing phase, this means that a technology is rarely preferred over an old one. Again, the large benefit obtained is much more than the associated cost obstacle; once the difficulty has passed, the costs are sunk and a decision to drop it means resigning the benefit and loosing the cost. On the other hand, under the influence of uncertainty, a delayed adoption can be the result of waiting before the costs are sunk.
1.1.2. Modeling diffusion
It has been observed that the plot of the number of users of a new technology (or product) against time is that of a common S-curve. It looks natural to expect adoption to slowly proceed at the beginning, then haste as it diffuses among potential adopters, and finally, decelerates as the saturation point is reached. As an example of such behavior, the New York Times published an article showing distinct adoption patterns for different innovations among United States population (Figure 1).
Fig. 1. Adoption (%) in USA households for some innovations.
Page | 3
By observing this graph we can perceive certain heterogeneity among the behavior of different curves, which was remarked by Rosenberg. There exist two mechanisms used by the two leading models that try to analyze the dispersion present in adoption times, these are: adopter heterogeneity, and adopter learning.
The first one, heterogeneity model, states that different values for an innovation are assigned by distinct individuals. In order to produce an S-curve for adoption, the following assumptions are taken:
1. Values by potential adopters on the new product present a normal (or near normal) distribution.
2. Product cost remains constant or depreciates at a constant rate over time.
3. Consumer adoption is done when their perceived benefits are greater than its cost.
The learning or epidemic model is an alternative, which is extensively mentioned by many authors in sociological and marketing references (2). Here, the cost of the new technology over time can remain constant and consumers can have exact preferences. Considering consumers learn from their piers about the technology, gradually the adoption rate among people increases up to a point where the market inevitably reaches a saturated stage, thus decreasing the rate. This behavior is also plotted as an curve. Both models can be combined together to remark the S-curve graph.
This type of models has been successfully used in diffusion research to describe data. Some researchers, such as Edwin Mansfield1 and Zvi Griliches2, address data analysis by identifying different diffusion curves for distinct innovations and associating their parameters (usually two or three) to their economic characteristics. This simple and transparent method captures the principal characteristics of the process.
Economists, like Paul Stoneman, have opened a new line of research based on the idea that the process of adopting a new technology is comparable (if not identical) to any investment where
1 http://en.wikipedia.org/wiki/Edwin_Mansfield 2http://en.wikipedia.org/wiki/Zvi_Griliches
Page | 4
uncertainty is present, thus it can be studied in the real options framework suggested by authors Robert S. Pindyck and Avinash K. Dixit back in 1994 (3). Here, the descriptors of the adoption of new technology are:
1. Uncertainty about forthcoming profit flows. 2. Irreversibility that leads to some sunk costs. 3. Chance to delay.
The advantage of this model is that these features can be easily incorporated into the decision-making process of the adopter. Here, a call option to adopt the new technology is owned by the potential adopter who can execute it at any time, this implies that there exists an “option value” to wait, in other words, the decision to adopt should rather be taken until benefits surpass costs than immediately when they become equal. This may be a reason why diffusion is slow.
1.1.3. Demand factors
We can see that the factors that dictate the adoption of new technology are the benefits perceived by the users and the implied costs of the adoption. Benefits can be as simple as the variation in profits when an organization starts using a newer technology over the old one, or the augmented usefulness from the new product (in case of consumers). Apart from the economic factors mentioned, there are some others such as the existence of complimentary worker skills and inputs, strong customer relationships, and network issues (1).
1.2. Advent of Cloud Computing
Since not long ago, in the information technology (IT) sector, the appearance of the so called “Cloud Computing” term has become one of the hottest buzzwords and most hyped topics around.
Page | 5
The word “Cloud” is not new at all and was introduced or mentioned as a metaphor when referring to the Internet. Its frequent appearance, in the shape of an outlined cloud, was inside networking diagrams as a common practice to depict an entity where data was transported through digital connections outside the organization‟s domain up to a point on the other side of this cloud. Nonetheless, the concept itself was introduced by Prof. John McCarthy in 1961. Back in the day, he proposed that computer time-sharing technology in the future would result in computing capabilities and also certain applications to be commercialized as utilities did (4). This idea gain popularity during the late 60‟s; however, amidst of the next decade (70‟s) this thought lost support as the existing infrastructure and technologies were inappropriate to support such dreamed computing model. The idea remained buried until the IT industry of the new millennium revived it. As a result of such renovation the term has been revolving around technology groups.
While this nascent technology is yet trying to demonstrate all of its full potential to the market in the form of digital information services, provided mostly by third parties through broadband connections, detractors regard it with skepticism. The main arguing matter for them is on the field of corporate data security.
On the other hand, the fact that a considerable reduction of operating costs (OPEX) can be achieved, in contrast with running and managing proprietary server infrastructures along with hiring the corresponding IT experts to supervise it, is quite appealing to several organizations. It is true that not only firms should be watching about cloud computing, but also governments might be making extensive use of it as foreseen by the Cisco Internet Business Solutions Group (IBSG) (4).
1.3. Objectives
Inspired by the cloud computing technology diffusing all over the world, the present work intends to focus on what is happening with this industry within Japanese companies. The purposes of this research are as follows:
Page | 6
• To identify whether Japanese companies are aware of the potential that Cloud Computing might present to their operations.
• To recognize the problems faced by early adopters, as well as the promises and benefits observed.
1.4. Research Questions
1. To what extent Japanese SMEs and large companies are aware of Cloud Computing? 2. What are the main concerns and challenges observed by Japanese SMEs and large
companies considering the adoption of Cloud Computing into their IT operations? 3. What does Cloud Computing lack to become largely accepted and adopted by Japanese
companies?
1.5. Methodology
Taking into consideration that cloud computing is still in its early stages and, as many nascent technologies out there, there is a lot of buzz and hype created by the media that eclipses what is really happening in the industry and with the users of that technology. With this in mind, the present work tries to get the insights of the Japanese organizations, SMEs and large companies, looking into the potential of the Cloud and what are their concerns toward the adoption of such technology.
The chosen way to obtain this information was through a questionnaire (see Apendix 1) comprised of 16 questions regarding various aspects surrounding the adoption of cloud computing among Japanese companies. Due to time constraints, the questionnaire was applied by internet (online) instead of the traditional way. The questions were inspired by similar works
Page | 7
applied to other markets (e.g. United States, EU) by some initiatives, such as ENISA3, F54 and KPMG5.
Primary data was provided by the results obtained from the application of the questionnaire to Japanese SMEs and large companies, which were taken from the JASDAQ list published in November 20106.
Along with the questionnaire, several resources were consulted to obtain a wide panorama of cloud computing technology globally, as well as for the Japanese market. Various organizations and authors have published books, white papers, performed forecasts, surveys, etc., regarding specific topics related to this technology.
Once the answers were collected from the respondents, data was processed and categorized to address the objectives.
1.5.1. Online Questionnaire Application Tool
SurveyGizmo™3.07 is the tool used to design, distribute and manage the questionnaire, as well as collecting the answers from respondents.
SurveyGizmo is a company founded in January 2006, with her main quarters located in Boulder, Colorado. Since the beginning, her intention was to provide users with a better way to build online surveys. Her services go farther than just delivering an instrument to post a survey on a webpage. A high level of survey customization, with flexible question options, is available for all the users, who can design not only basic surveys, but also complex ones, as well as polls, evaluations and quizzes, to fit perfectly with their needs. After sending a survey, the information
3 http://www.enisa.europa.eu/ 4 http://www.f5.com/ 5 http://www.kpmg.com/global/en/pages/default.aspx 6 http://www.ose.or.jp/e/market/statistics/investment_jasdaq 7 http://www.surveygizmo.com/
Page | 8
can be compiled easily, thus gaining insight directly from the respondents. SurveyGizmo promotes itself as the ideal solution for researchers, educators and feature-focused marketers. The first step before you can start creating a survey with SurveyGizmo is to decide on the purpose of such survey. SurveyGizmo offer free accounts for anyone to try her services and, in a further stage, decide whether to contract a paid service that meet his needs. Once the survey has been created, you can distribute out the link to your intended targets. For users with paid accounts, additional options are provided to send out the invitations, for example, to publish surveys under a private domain or send out customized sub-domain links to their online respondents. Much more advanced options for publishing also enable the user to embed the survey inside a private website different encodings, such as HTML, Javascript, or iFrame.
SurveyGizmo also offers a summary of the information gathered from the respondents immediately as they finish filling out the survey for you to review. After the answers have been collected they can be exported as an Excel or CSV (Comma-Separated Values) file. Additionally, there is an option to create reports and customize them with filters to show only the respondents that have answered the questions in a specific way.
With a whole arsenal of customization options is easy to understand why SurveyGizmo is the chosen tool of more than 143,000 companies, governments and professionals who are currently using it.
SurveyGizmo provides collaboration capabilities with other products and within work teams, some of them are:
Add and assign users to a single account
Integrate with SalesForce.com, Mail Chimp, Exact Target, etc.
Detailed data reports can be shared among colleagues.
Custom templates are available to provide a professional look.
Some advantages of using SurveyGizmo over other similar available applications are:
Page | 9
Free accounts (including student accounts) can be easily obtained for single users with fewer needs.
Depending on the plan level, amount of monthly responses that can be collected is higher.
Organizations can design custom-branded surveys.
Data (questions, answer, contacts, settings) can be distributed and managed in several different ways.
Similar tools are:
Zoomerang8 Checkbox9 SurveyMonkey10 8 http://www.zoomerang.com/ 9 http://www.checkbox.com/ 10 http://www.surveymonkey.com/
Page | 10
Chapter 2. Literature Review
2.1. What is Cloud Computing?
Several cloud vendors, users and analysts define cloud computing in simple terms as IT services capable of dynamically scale themselves as needed and are in the domain of a third party. Cloud computing conveys to primary economic implications:
Drift of capital expenditures (CAPEX) to operational expenses (OPEX)
Implied reduction in OPEX related to infrastructure operations.
A movement from CAPEX to OPEX lowers substantially the inherent financial obstacles for starting up a new project.
For those organizations using the self-hosted model, certain budget needs to be allocated in order to acquire new hardware and software licenses for a certain project, which in turn yields a fixed cost despite the project success (5). On the other hand, for those running under an outsourced way (managed hosting), typically, incur on initial fees corresponding to operational costs of one month and a contract of one year of costs in advance.
In order to be cost effective it is critical to maximize utilization out of every single server. The latest technological improvement that serves as a catalyst to reach a high utilization rate and which is the core factor responsible for boosting the Cloud as the actual IT paradigm is
virtualization. This technology basically enables a physical server to be partitioned into several
virtual servers. In turn, each of these virtual servers behaves as a whole individual server capable of working with an operating system and complimentary applications. As we will see, these single servers are the fundamental units that can be offered as a cloud computing service.
Another characteristic of the Cloud is its ability to act elastically (scale dynamically) according to demand, this is, as requirements grow (or shrink) so does the resources. Any average application starts up with a basic set of resources and in face of peak conditions more of these resources are needed. In order to maintain a good performance even during peak bursts, under
Page | 11
the actual model (not with the Cloud), one must build enough capacity, this means over-stocking hardware for the specific task. The lead time for deploying these dedicated hardware assets takes considerable time (weeks or even months). Using a cloud scenario, several resources, already virtualized, can be added or released in response to application flow in an automatic way. Thanks to this automation, the costs incurred are coupled with the usage of the extra resources exclusively during the time they remain deployed.
For managed hosting services, they are usually charged with a startup and a year wise contract commission. This scheme does not necessarily apply to the Cloud, which breaks this obstacle by eliminating initial fees and contracts; additionally, there is no need to undertake a certain level of consumption.
Besides lessening the economic obstacle to launch new projects, cloud computing boost organization‟s responsiveness by lowering the time needed to plan, purchase, provision, and configure resources. Due to the large amount at which providers can procure hardware and bandwidth capacity, an advantage can be obtained as well. Nonetheless, it is worth mentioning that cloud computing does not pretend to become a panacea, thus there are situations where it is more convenient not to adopt it.
2.1.1. IT evolution for cloud computing
Cloud computing was not born utterly forged in a blink from technology existing in 2005. More than forty years of its foundation technologies support it. The process to achieve the actual stage has been evolutionary and involves contrasting fields. This bundle of advances depicts an innovative shift on how IT will work in a future.
Around ten years ago or so, the Cloud as an entity was showed frequently in application diagrams as an avatar of the Internet, which in turn became the entire icon of nowadays.
Back in 1960s the first commercial mainframes saw the light in the market. It is true that at the beginning only a single user could make use of them. As time passed up to 1970s, a shift to
Page | 12
resources sharing among several users was a reality. The illusion of having the entire computing resource (virtual dedicated machine), for every single user, was undertaken by the implementation of a virtualization process.
At that time, the interface to access such virtual instances was a rudimentary monochrome terminal (thin client). The driver for applying virtualization to a resource in order to become a shared one was the scarcity of such computing resource. For the actual Cloud, this driver is the frenzy to maximize utilization of physical computing resources.
Then, the era of the client-server model arrived; as computing power doubled, work regularly moved from centralized computing to distributed systems. Afterwards, during the age of PC desktop applications, the migration was almost done with the creation of thick client applications for everyday computing chores. On the other side, the mainframe was relegated from its functions to merely to run mainly corporate applications.
The protocol TCP/IP (Transmission Control Protocol / Internet Protocol) was designed as the result of the effort to standardize networking technology to provide connection among systems and became widely used since the creation of the Internet in 1980s. With the domination of the web and HTTP since late 1990s, the situation turned again in pro of a thin-client model. This previous step was fundamental before doing the shift into cloud computing age.
Some other significant and not always apparent stages are worth mentioning, like the chain of shifts from mainframe to client-server and then into web; the other one is the evolution of how data centers are designed, deployed, powered, operated and upgraded.
An astonishing increase in storage and computing power are the two core factors that provide the ability to process huge amounts of data on inexpensive hardware (servers) in a brisk. Computing power is measured in a unit called FLOPS (Floating Point Operations Per Second); which is the amount of single math calculations (e.g. additions) that can be performed in a particular computer cycle. In order acknowledge the progress of computational power accomplished up to now, let us mention as an example, the power of one of the most advanced computers (Cray-1) during 1976, which attained a capacity of 150 MFLOPS (Mega-FLOPS); as a comparison point,
Page | 13
a standard PC nowadays, with a four (quad) core processor as a its brain, can run at 50 GFLOPS (Giga-FLOPS).
Focusing on storage capacity, as mentioned earlier, an impressive decrease in cost favors the ability to create tons of digital content, such as high resolution pictures and high definition video. Back in the early 80‟s, storage cost more than 200 USD per megabyte; in our days, it is less than 0.01 USD per megabyte.
On the networking technology side, one can find in today‟s data centers, bandwidth rates in the range of 100 to 1000 Gbps (GigaBits Per Second).
The software part of the evolution is comprised of three streams of development: Virtualization, Service Oriented Architecture (SOA), and Software-as-a-Service (SaaS).
As mentioned before, virtualization was first implemented in mainframe systems. What is new about it, since late 90s, is the extension of this technology to work in common and inexpensive hardware with the creation of partitions and time-splitting the operation of this hardware with modern multi-core processors. VMware11 is one of the global leaders in virtualization and cloud infrastructure who promotes this technology and is one of the main providers of virtualization software.
SOA refers to interoperable services among different systems using standardized web protocols. It brings an architectural model for developing complex applications capable of running over several virtual machines.
SaaS is more a business model innovation rather than a technological one. Usually software for enterprises was offered under a life-time licensing model, in other words, the customer bought the right to make use of a particular application during an unspecified period of time for a fixed (and regularly high) price. Additionally, customers had to pay around 18 per cent more of the total price for maintenance and support, with which they received application upgrades and direct help as a service. Under SaaS model, customers do not need to buy the software, instead, they rent it. The applicable fee is proportional with its usage. A customer pays for access to an
Page | 14
application for a certain period (days, weeks, months, years), with the option of halting the usage whenever she decides. That is why SaaS is seen as a pay-as-you-go or on-demand model.
2.1.2. Cloud layers
SaaS was renamed after a former model introduced not so long ago, in which an application could be rented directly from an Application Service Provider (ASP). It was thanks to this antecessor that the concept of pay-as-you-go was firstly applied into the software industry, thus reducing the initial capital investment needed previously in the traditional model afore mentioned. Another advantage of engaging into this model was that you got rid of the process of acquiring hardware and software since the services were immediately available and could be activated as needed.
The order in which we are going to present the layers comprised in cloud computing offering is in relation with flexibility and complexity levels to be managed in the stack of services (Figure 2).
Page | 15
2.1.2.1. Infrastructure as a Service (IaaS)
The first in the list is called Infrastructure as a Service (IaaS), which provides the most amount of flexibility abut also more complexity. The user can grasp control over any virtual machine image, offered by an IaaS provider, running the operating system of her preference and activate it whenever she wants. A developer can configure these images to run any application.
Bandwidth, as a commodity, is consumable and billed based on the transit to/from the system. Also, storage is usually accounted per gigabyte in a monthly basis. The great flexibility of IaaS comes from the level of control one can harness over the resources consumption along with its corresponding demand of dexterity required to conduct the operations effectively.
2.1.2.2. Platform as a Service (PaaS)
In the next level we find PaaS, which grant less communication with the pillars of the system. In other words, interaction (administration) with the virtual operating system is not required. The user does not need to worry about the underlying stage (OS operations) while developing applications. However, the user has to attain to the programming languages available from the provider.
2.1.2.3. Software as a Service (SaaS)
SaaS designates those applications and services available on demand as we have already mentioned before. Additionally, there is another category called Framework as a Service (FaaS), although not all the authors agree on including it as a separate classification. We mention it here because the similarities it shares with SaaS. On the particular case of FaaS, it is a complimentary environment for a particular SaaS system to extent its base capabilities by coding further functionalities using the framework of that particular application provider.
Page | 16
2.1.2.4. Private clouds
Also known as internal clouds or corporate clouds, these are modifications of standard clouds where the underlying data centers are located on premises and managed by an organization to provide cloud computing services to its members. These resources are not offered to common public. A private cloud can operate in a lower scale but very similar to a public cloud when an organization has enough subscribers and sufficient general capacity.
In order to operate private cloud, organizations must undergo significant modifications to their operations, such as creating mechanisms to move its applications or data into a public cloud when necessity arrives.
Although, the option of implementing a private cloud might be considered as an ideal solution, there are concerns that organizations should analyze first, some of them are:
• Reduced scale cannot achieve economies of scale.
• Legacy systems and applications are hard to migrate into clouds. These must need to be re-codified to work more efficiently under a standardize framework.
• In-house does not necessarily translates into more security. This issue has been the most significant for enterprises looking to have their data and systems running in data centers behind their proprietary firewalls. Obviously, investment and effort towards security tightening have to be spent by them.
2.1.2.5. Hybrid clouds
As the term might imply, these are implementations that combine aspects from public and private clouds. A scenario where it could be suitable to choose this kind of cloud is when the strength of a private cloud in terms of capacity has been depleted and extra capacity must be acquired from somewhere else off-premises.
Page | 17
2.1.3. Where to adopt the Cloud
Possible scenarios where cloud computing implementation makes sense are, for example, in a case where an application needs to be developed and deployed for an explicit short period of time. Hence, the organization suppresses the initial capital cost for provisioning the hardware needed to run it.
Whenever an application is running, scale requirements tend to vary in different ways. Sometimes demand variability can be anticipated and predicted; let us say for example, a financial or trading application that experiences demand bursts whenever market opens and closes. Another typical situation where web sites endure high traffic is during seasonal shopping periods, such as Christmas or the following days of Thanksgiving. These fluctuations require additional capacity should applications can perform seamlessly guaranteeing average performance to all its visitors. To make this point clear, let us show the traffic curves of two online e-commerce applications, based on the number of visits during the last six months (Figure 3 and Figure 4):
Fig. 3. Traffic curve (Gamestop.com).
Page | 18
Fig. 4. Traffic curve (Amazon.com).
Source: Quantcast.com
In case you consider to provision adequate infrastructure to handle peaks, the costs incurred will increase by the same factor of the capacity excess. Efficiency is the first advantage gained by purchasing large volumes of infrastructure; however, compared to the general size of the demanded investment to cope with the peaks, benefits are minimal. Let us analyze this statement; whenever a traffic burst (peak) appears, the whole underlying infrastructure will reach maximum utilization rates for the application (website) on demand, but, as soon as the peak flattens the extra infrastructure will remain idled or underutilized.
Nonetheless, when it comes to cloud computing model, an organization can handle predictable peaks without incurring in unnecessary additional costs. When traffic flux arises, you can activate as many complimentary virtual images to cope with excess loads. What is great about this approach is that you only have to pay for the time these instances are performing online (active).
It is true that not every peak burst can be predicted easily. Spikes can occur due to several different factors, such as unexpected events with null (or little) warning, as the case of a natural disaster; this might lead to halting applications and systems whenever the surge overwhelms available capacity.
Page | 19
An enterprise can gain an economical leverage in a situation where non-critical applications can be deployed into the cloud, in other words, systems that are not strategic to the overall business. Within an organization there are component applications that serve internal purposes, which are perfect candidates to be migrated into a cloud environment, thus saving limited IT resources. To mention an example, backup storage systems are imperative for daily operations and consume valuable IT resources to maintain them functioning; to alleviate this, a backup system can be procured directly from a cloud service provider. In turn, the backup solution is a core competency of the provider, who can perform that task in a more economical and efficient manner than using the client organization‟s IT resources. Freed internal resources then can be focused on more strategic business projects.
2.1.4. Where NOT to adopt the Cloud
Although high expectancies are still upon cloud computing, this technology is not suitable in every environment. Following, we discuss some situations where is better not to adopt the cloud. As mentioned before, legacy systems do not adapt seamlessly to cloud requirements. Data centers designed for cloud computing are built on commodity infrastructure (hardware and software), thus, applications running on them are specifically designed with that purpose in mind. Standardization is in site with virtual machines running Linux or Windows as the operating system. Legacy applications, on the contrary, are deployed on very specific operating systems, such as VMS or HP-UX. Legacy applications were designed long before the appearance of cloud computing and with no further vision on preparing them to migrate to another infrastructure different from its proprietors‟, hence, considerable efforts have to be done if you want them to be converted into cloud-compliant applications. It is recommendable to analyze the remaining life of these systems and whether they are potential candidates to operate in the cloud, if so, the recommendable option is to redesign and codify them from the ground up.
For applications serving real-time data with a high level of criticality, such as real-time image processing (e.g. Magnetic Resonance Images) are doubtfully potential candidates to rely on
Page | 20
connectivity over public cloud environments even if the application can deliver full uptime. Cloud computing services are yet delivered up to date under the best provider‟s efforts; in other words, the possibility of poor performance can occur.
Other category of systems that must be treated with cautious are those that process confidential or high-sensitive information, such as the ones used in healthcare sector, where privacy compliance is exceptionally delicate and is regulated, in the United States, by the HIPAA (Health Insurance Portability and Accountability Act). No matter when this kind of sensitive data is expected to be migrated, special care and extra security measures must be taken to assure its protection as it is done with information contained in the internal IT infrastructure.
For example, how to guarantee proper deletion of confidential information contained in digital format? In general, whenever digital information is erased from a disk it is not precisely deleted, but rather tagged for a deletion operation. Then, let us say, when another application running in the system needs to save data onto the same disk, the possibility that this new data overwrites the previous information contained in that same position, previously marked as deleted, the former data is then truly destroyed. In case you have direct control or ownership over the disk you can choose to reformat the disk to ensure proper deletion of previous data; however, for information contained in a cloud infrastructure, it is stored on disks shared with other tiers. Thereby, certain level of control is lost over how to properly deal with data deletion, in other words, you can command to delete a certain file, although there is no way to certificate the data was entirely eliminated.
Page | 21
2.2. Hype Cycle
It had happens everywhere, you hear from a friend, news or while browsing the web, about a latest technology, revolutionary business model, or distinct management technique. You detect an opportunity to adopt it, and whether you jump into it at the right time, it is probable you will get there with an advantage over your competitors can catch you on. On the other hand, if you adopt it too soon you will carry with the burden (e.g. costs) of its immaturity. Then you might be thinking that sometimes the best tactic is not to adopt it. Green business and Web 2.0 are two examples where organizations have invested just because expectations and promises for them are elevated. On other scenarios, they simply ignore or delay a chance to invest in an innovation that is not receiving such early expectations. A former hype cycle came with the boom of the “.com” which exhibited enthusiasm for Web influx and drove for investment in web sites intended to bring a lot of visitors per week along with supposed revenues (6).
This section introduces the concept of the so called “Hype Cycle”, defined by Gartner (8), which peculiar contribution is in emphasizing the challenge of adopting an innovation amidst the initial stages of its life cycle. The hype cycle is also the unique model of its kind that has switched from an abstract concept and has been employed extensively as a useful tool for management decision making, keeping track of several innovations over more than ten years. The hype cycle has proven to be not only a descriptive but also a predictive tool. The hype cycle is beneficial to anyone interested in the adoption of any innovation, especially to those who must take critical decisions about whether and when to select a new idea, practice, process, technology, or product. It helps to show in a highly visual and simple manner the cycle of over enthusiasm, dashed expectations, and eventual maturity12.
The general plot of the hype cycle is comprised of are two axes. The horizontal axis represents the time while the vertical axis exhibit the expectations (visibility) for a technology (i.e. the future value one expect to gain from it). Next, five critical phases or stages are defined as follows:
Page | 22
Technology Trigger: This first stage is when an event for a potential technology (yet to be adopted) is held or a product is launched, triggering the interest of the media who in turn creates heavy publicity about it.
Peak of Inflated Expectations: At this stage is where a technology or product is overhyped, causing elevated expectations more than it can really deliver.
Trough of Disillusionment: In this major phase is where people realize that the technology lacks the capability to entirely serve their demands or it looks quite different from what marketing declared. In consequence, the subject is no longer pushed by the press. During this phase, several organizations begin to use the technology while many others still wait to see a feasible advantage.
Slope of Enlightenment: Finally, while the hype is no longer present, more and more successful examples on the use of the technology continue to emerge.
Plateau of Productivity: Here, the market has broaden and matured.
A general draft of a hype cycle with indicators of market, investment and adoption activities is shown in Figure 5.
Page | 23
Fig. 5. Hype cycle.
Source: Gartner (August 2010)
Along the hype cycle curve several traps exist (Figure 6). In order to minimize the risks associated with these traps, the STREET (Scope, Track, Rank, Evaluate, Evangelize, and Transfer) framework can be applied to investment decisions, allowing you to gain advantage of its twists and turns.
Page | 24
Fig. 6. Hype Cycle's traps.
Source: Gartner
The STREET process was developed by Martin Muoto, Gartner analyst, in 1994. Jackie Fenn13, also Gartner analyst, has been refining this process of technology adoption into a framework to showcase the best practices that leading companies follow.
STREET acronym stands for:
Scope: To establish the context for innovation.
Track: To collect the candidates for such innovation.
Rank: To prioritize these candidates.
Evaluate: To understand potential rewards and latent risks.
Evangelize and Transfer: To make it work.
13 http://www.gartner.com/AnalystBiography?authorId=6543 Adopt too early Retire too soon Adopt too late Hang on too long
Page | 25
2.2.1. The Cloud in the Hype Cycle
As Figure 7 shows, the trend about of “cloud computing” term started to flourish sometime near the third quarter of 2007 and rapidly has been rising in popularity, as registered by Google Trends.
Fig. 7. Google Trends about Cloud Computing (global).
Source: Google trends.
Regarding the identification of Cloud Computing and its position in the hype cycle, Mark Raskino, renowned analyst at Gartner, recognized that the term of "Cloud Computing" is definitely being hyped at this time. He also admits that the word has been "hijacked" with marketing purposes. Several companies are attaching it to their services since it is all around in the press. Raskino questions himself whether this phenomenon is good for the technology.
He foresees that cloud computing will not fail, as in the case of Internet services over utility power lines. Nonetheless, he expects to find, after it passes the trough of disillusionment phase, to see disparity and distress among vendors and business models.
Page | 26
Since cloud computing is not a single technology in itself and its different platform levels are pushed in an unbalanced way, Raskino mention that SaaS is showing more maturity than the rest of platform levels. Although, IaaS is increasing in popularity thanks to press promotion.
If we observe the hype cycle, there are several actions we can take in order to control the hype. First, there is the option to play early or late. If you go for playing early, an advantage over competitors exists. Nevertheless, a higher risk of failure is associated with this strategy. At this time (hype phase) is better to experiment with cloud computing. On the other hand, if you decide to participate late, the technology will be in a state of maturity with the corresponding risk of loosing the aforementioned advantage. For those who want to grasp the hype and are already riding into the Cloud, it is important not to quit at the point of disillusionment.
Gartner also indentified the opportunities lying along the hype cycle that we can find depicted in Figure 8.
Fig. 8. Hype Cycle's opportunities.
Source: Gartner
Imagining the implications
Leveraging lower costs & risks
Expanding a niche Leading the mainstream wave Banking your experiences Maximizing
publicity value Acquiring talent
Planning your purchases Finding your angle Getting the jump on competitors Optimizing supplier relationships
Page | 27
It was in 2003 when SaaS (at that time known as ASP (Application Service Providing)) became popular. While many gave up, others remained improving their platforms and are today very successful. It is nonsense to dive into cloud computing right now just because it is popular and you feel that your company needs to get into it. As Raskino said, “Once a technology is in the „Hype,‟ it's like a fashion thing”14
. It is wise to wait until it has been proved and is stable. Still, you have to mind the existing tradeoff among the nascent and mature states of a technology. Figure 9 shows the hype cycle of cloud computing as of 2010.
Fig. 9. Hype cycle showing current state for Cloud Computing technology.
Source: Gartner
14
http://cloudcomputing.sys-con.com/node/1848983
Page | 28
2.3 Security and Vulnerability
A remarkable assertion is brought into scene, which says that when using a cloud service, aegis against menaces is set up closer to where those hazards are found, thus easing and raising effectiveness for protecting customers against security risks (e.g. malware) (5).
However, the concern about security always strike first by questioning, is the cloud completely safe? Let us turn our attention to a recent outbreak occurred in the turf of one of the biggest giants and competitors of cloud computing services, Amazon.com; which proves that the cloud is not entirely secure. Nonetheless, it is more accessible in economic terms, with higher levels of efficiency and scalability, and equally (more or less) safe as corporate computing. A point on its favor is that, due to the fact that it is constructed and operated by dedicated processes, it counts with the promise and resources to position itself in a virtuous cycle of continuous enhancement and building knowledge from its faults. Let us take the example of commercial flying, which is not completely impervious either, however, it is now much more safe than it was before (i.e. 50 years ago); and the reason is because it endured on similar duties of continuous improvement. Continuing with this example, we do not quit flying considering it is only 99.99 per cent safe; on the same way, in the years to come, we should not flee from cloud computing because the scarce occurrences of an outbreak similar to the one experienced by Amazon.com (7).
Cloud computing is perceived as the next borderland for corporate computing, although its corresponding risks regarding external providers manage corporate information is hindering its adoption. According to a survey performed by Symantec, barely one out of ten early adopter firms exert explicit policies to guarantee data protection on the cloud, while the others are still unaware of the security risks associated.
As noted by Justin Somaini, chief information security officer at Symantec, organizations are oblivious regarding cloud computing offerings to conceive them secure, basically putting at risk their customer information, data and operations. He also mentioned that nowadays, firms require robust information governance in order to control corporate data and facilitate trust in the cloud. The success of cloud computing rests on the assurance and reliance that happen when the data
Page | 29
security groups have the whole frame about the security position and measures of cloud providers (8).
Risk and security experts prevail skeptical about cloud computing providers towards the responsible administration to safeguard their customers‟ information and privacy. However, these experts can not prevent the usage or access to technologies, such as cloud computing, videoconferencing, mobile, or social.
It is conspicuous not to reject cloud computing completely due to security issues alone. It is wise to take into consideration the benefits of this technology (e.g. economics and efficiency), which are irresistible enough, thus organizations should make a detailed cost/benefit analysis. Besides, cloud computing providers may have IT security strengths that fit or surpass those in your organization. Switching to a cloud service might in fact enhance your security stance.
Some criteria to look for while evaluating cloud providers are:
Construction of uniform IT environments. Usually cloud providers have no need to work with the intricacy of legacy systems and infrastructure that reside in several businesses. It is a common practice for cloud providers to build their data centers using identical software and hardware. In this kind of atmosphere it is easy to spot a faulty element and thus, react immediately.
Comply with industry certifications, which demonstrate, at some extent, its security
wisdom. Cloud providers are conscious that issues related to security are some of the
main obstacles for spreading cloud computing services. As a countermeasure, several providers are embracing broadly accepted industry standards (e.g. ISO 27001/215, FISMA16, and SAS 7017), with the expectation of dealing with some of these barriers. Although, these certifications by themselves are insufficient, at least provide a factor to be taken into consideration. It is worth mentioning that these certifications were not created specifically for cloud computing services.
15 http://www.27000.org/
16 http://en.wikipedia.org/wiki/Federal_Information_Security_Management_Act_of_2002 17 http://www.sas70guide.com/
Page | 30
Development of state of the art threat intelligence and management strengths. Among cloud services, those related to security have a broad view of menaces due to the high amounts of traffic processed. Enterprises might be interested should the provider exploits this view to acquire and advantage towards threat intelligence and the capacity to react immediately.
Having highly qualified security personnel. Since organizations confer valuable information to their service providers, it is better to agree with the way the provider protects it. This point has a lot to do with the level of dexterity and savvy of the staff available on the provider‟s side.
After the analysis, the cloud by itself does not necessarily yield to more or less protection. What is needed to do is an evaluation on the level of protection maturity of the service provider, as it has been done commonly in a traditional outsourcing operation.
Considering the cloud providers have already built all those aspects, such as implementing established security processes, standards, guidelines, and procuring trained personnel, to secure their principal IT infrastructures, still few concerns persist, like the following:
Guarantee data protection while in flow, use, store, and deletion. There are providers that supply safe data transactions in and out of their turf by using HTTPs18 (or other secure channels). Additionally, few others offer data-at-rest security, like encryption. Fewer work with secure ways for data-in-use, in other words, live inside the application; and warranty of proper data deletion. What is demanded are services qualified to protect the data during its entire life cycle; this is, from the moment of data creation inside the cloud environment, till its definitive disposition. However, it is wise to recognize that at this moment, cloud computing industry altogether is not yet at that required level.
Managing access and identity control. A huge challenge exists for trying to keep access and identity control through an atmosphere that may be comprised of private infrastructure, public and private clouds.
Page | 31
A tendency among cloud users is that they are learning on how to choose the most appropriate type of cloud according to their specific needs. They compare options from public, private and hybrid clouds watching at their cost, functional, and security requirements.
Nowadays, there exist more than 78 industry groups working on the creation and definition of standards for cloud computing, among them, 48 profess to have elements concerning security. An example of these groups is the Storage Network Industry Association (SNIA)19, which is working to come up with standards related to storage and data management. Another one is the National Institute of Standards and Technology (NIST)20, which is a prominent standards body in the United States, although it has few specific cloud computing working groups and publications (9).
19 http://www.snia.org/cloud 20 http://csrc.nist.gov/
Page | 32
2.4. The Cloud over Japan
Cloud computing, as a buzzword (「クラウドコンピューティング」), appeared in Japan as a trend around six months later, compared to global searches (Figure 10).
Fig. 10. Google Trends about Cloud Computing (Japan).
Source: Google trends.
It is certain that American companies sit atop in the way of cloud service providers. Nonetheless, the future is not always brilliant for those who set up a technology first. Additionally, Japan is well recognized for its dexterity on adopting and adapting new technologies in a very favorable way. In this regard, Japanese entrepreneurs, as well as already existing companies, are taking their steps into it and do not want to miss the chance to take advantage of such a promising technology. Japan‟s cloud computing services market is showing great growth potential as IDC (12) analysts predicted (10).
As published in July 2010 in the biweekly newsletter Vol.21 No.5 of the Japanese Ministry of Internal Affairs and Communications (MIC)21, she has leaded the "Investigative Commission on the activation policy of the Cloud Computing Era Data Center" since May 2009. The purposes of
Page | 33
this approach are to establish Japan as hub of Asian information transmission and elaborate plans concerning the development of the ICT industry and creation of new services.
Cloud computing adoption among Japanese companies is starting to flourish and its services market is forecasted to account for about 2.37 trillion yen in 2015, according to a research done by MIC. In words of the former MIC Minister, Kazuhiro Haraguchi, "The market holds a key to improving the productivity of Japanese firms".
American biggest IT service providers are aiming to develop their presence in Japan. In response to this movement, large Japanese companies (e.g. NEC Corp. and Fujitsu Ltd.) started to create strategies to participate in this segment of the IT industry (11). Fujitsu‟s president Masami Yamamoto said at a news conference "We are focusing our investment on cloud computing, because our medium and long-term growth depends on it". "We feel threatened because as the cloud-based business and infrastructure accelerate, existing business areas will steadily decline."22
Japanese vendors are considering specialization as a strategy to achieve competitive advantage. Accordingly, local cloud computing service providers started to offer tailored services and products aimed at demanding customers who are willing to accept that existing software deployment and IT infrastructure are insufficient to comply with the needs of a fast-growing enterprise (10).
Sectors with higher expectations in the Japanese market are accounting and Customer Relationship Management (CRM). Salesforce.com, one of the former U.S. cloud computing service providers, has undergone accelerated growth providing services, mainly in the field of CRM services, to central and local governments in Japan. Previously, her services had been provided remotely from her data center in the United States. Nonetheless, in order to improve the reliability of its services, Salesforce.com had slated an agreement with NTT Communications in Japan to deploy a data center in Tokyo with hundreds of servers operating to cater the local market.
Page | 34
Another company is Toshiba, who has been using the services provided by Amazon to update embedded software for her domestic appliance lines.
Etsuo Kono, from Yomiuri Shinbun, mentioned that some Japanese IT companies have been hesitant to shift to cloud computing due to income reductions they might experience. However, they are realizing that the domestic market might be quickly controlled by U.S. firms. To this respect, another Japanese company, NEC, took the decision to jump into building cloud computing service capabilities by investing around 100 billion yen in a time frame from 2010 to 2012.
Fujitsu, who claims to have deep post-sales services and reliability, also started to build up full-scale cloud computing services. For example, Fujitsu created a domestic back-up system that responds automatically in case of an emergency23.
Up to now, services provided by domestic companies are rather costly in contrast with those offered by Amazon.com and Google, although Japanese ones trust on their reliability. In words of Akihiro Okada, head of Fujitsu's cloud business support headquarters, "Being a leader in reliability will help us win the competition".
As reported on March 03, 2011 by Ralph Jennings, IDG News Service in Network World, Amazon.com has turned its attention to the Japanese market, where demands from developers regarding faster data transfer times and local data storage, have increased recently. To address these needs, Amazon Web Services (AWS) opened a “region” in Tokyo to provide cloud services and computing resources exclusively to Japan. Among the solutions portrayed we can find: rental of virtual instances (machines), web storage services, Amazon EC2 (Elastic Cloud), Amazon S3 (Simple Storage Service), plus some others. These services are complimented with a developer forum and a localized (in Japanese language) web site24.
23
http://www.telegraph.co.uk/finance/globalbusiness/8466155/Rebuilding-Japan-Cloud-may-have-silver-lining-for-Fujitsu.html
Page | 35
Japanese titans (Fujitsu, NTT and NEC) are also looking into cloud computing as a way to expand their operations and markets outside Japan; for this goal, each of them has different strategies and we will see the outcome of their particular approaches in the long future.
In the case of NTT, Weynand Kuijpers, who is the head of strategic alliances and marketing for the European sector, acknowledges the company is somewhat behind in the game and that it lacks of brand awareness outside Japan, which is the main obstacle they are yet facing.
Similar to NTT, NEC has well positioned IT domestic services in Japan. Toru Miwa, who is vice president of international sales and business operations, revealed that it is complicated to harness more business in national territory. However, as part of their plan to expand globally, NEC made public its intentions to build cloud computing capabilities to sustain services in regions, such as China, USA and Western Europe. NEC is going to officially make public her infrastructure partners, to address its services to local businesses, sometime during next fiscal year. Intel, SAP and Microsoft are the technology partners that collaborate with NEC to deliver its services. Last but not least, Fujitsu announced in July 2010 that it was going to allocate one fourth of all its capital investment in its cloud computing line. As for Fujitsu, compared to its above mentioned compatriots, it already has a significant presence outside Japan and this strategy is not primarily aiming for its global expansion25.
According to a study done by Microsoft, Asian SMEs endured much better the economic downturn by making use of technologies like hosted services and cloud computing. Several SMEs confirmed increased revenues, albeit the global recession, than a couple of years ago. Among them, IT is perceived as a critical element to their business achievements.
As shown by the 2010 index, SMEs are increasing their awareness towards the importance of utility-based IT services. Yet, about cloud computing, some of them are withholding due to concerns regarding implementation costs, security of sensitive information, and have no clear idea about the management requirements.
Page | 36
As stated by Alvin Lim, senior regional director of Hosting & Software Services in Asia at Microsoft, they have observed approximately forty per cent increase in demand for hosted services during the past five years. He added that the model of pay-as-you-go is showing to be the most cost-effective way for SMEs to get entry to enterprise-class (12).
Page | 37
Chapter 3. Results and Discussion
A total of 38 responses have been collected for the survey “Cloud Computing in Japan”. Respondents are from a variety of different industries, being “Computers” and “Wholesale” the two sectors with more occurrences (18.4 per cent, each one).
A 13.2 per cent of the respondents are still unaware about the term of Cloud Computing. On the other hand, 42.1 per cent regard it as a kind of IT outsourcing. It is worth mentioning that none of them think of it as a trend that is going to disappear in the near future.
From the companies that are aware of Cloud Computing at least at some extent (33 firms), almost half of them (a notable 48.5 per cent) are already using its services as part of their IT department, while only a minimum of 15.2 per cent have no motive to adopt it at all. The same amount for those who are doubtful to adopt it due to a lack of internal knowledge. For those still considering when to jump in, an 18.2 per cent, think it is feasible to make it in a future (within more than a year). And only a 3 per cent foresee to incorporate cloud computing services in the near future (within less than a year), as shown in Figure 11. Furthermore, from those who are not yet using it, almost half of them consider cloud computing as the next IT model. The other half seems reserved on supporting this statement (Figure 12).
Page | 38
Fig. 11. Cloud adoption rate as part of corporate IT.
Fig. 12. Is cloud computing the next IT model?
We are already applying it
49%
On the short term (<12months) we foresee to adopt it 3% In a future (>12 months) we see it as a feasible option 18% At this moment we can not take a decision whether to adopt it or not due to
a lack of internal knowledge 15% There is no motive to adopt it 15%
Does your organization intend to apply/employ Cloud Computing as an element of her IT department?
Neutral 47% Agree 47% Strongly Agree 6%
Please rate the next assertion: "Cloud Computing is the next IT model"
Page | 39
As well as other studies have mentioned, security issues are considered one of the main obstacles on the adoption of cloud computing. Nonetheless, several of these companies recognize that they lack of expertise in such a field of security. A secondary element that companies think they need to know more about is precisely how does cloud computing operate.
From early adopters, companies that are already using cloud computing capabilities, more than a half (56.3 per cent) have already deployed one or more of their Business Critical Systems (BCS), these are systems or applications that are part of their competitive advantage or represent the core of their operations. On the other hand, some of them (25 per cent) have no intention to migrate any of their BCS to the Cloud. The rest of them are yet planning to do it in a future (Figure 13).
Fig. 13. BCS migration rate into the Cloud.
Cloud computing services are scattered throughout a wide range of options and some companies are using more than one of these services. The three most common among early adopters are:
E-56% 13% 13% 25% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%
One or more of our BCS are already deployed into the
Cloud
Migration of 1+ of our BCS is planned to be
done in the near future (<12 months)
Probably in the long future (>12 months)
We have no intention to move BCS to the
Cloud
Is your organization considering migrating Business Critical Systems (BCS) to the Cloud?
